Whatever business you are in, the EU GDPR is likely having an impact on your organisation. GDPR is a regulation which applies to anyone doing business in or with Europe. If you process the personal information of EU subjects you need to comply. The introduction of GDPR has forced organisations of all sizes to re-think their data governance processes, which is generating a renewed interest in email archiving.
Three months on from enforcement date – what has happened?
In the lead-up to GDPR enforcement in May 2018, new businesses and categories of technology to help organisations comply with the regulation appeared. Vendors quickly re-positioned their products and services to demonstrate how they could help. The upshot of this flurry of activity was heightened awareness of GDPR amongst many people, whether they had a vested business interest or not.
Fast forward to present day and many of these highly aware individuals have become a headache for businesses – they know their rights and are exercising them. According to the Financial Times, Facebook has seen a three or fourfold increase in the number of subject access requests (SAR) and Marriott, the hotel operator, has asked for an extension of the SAR response window, to enable it to cope with the volumes. The same article highlights the trend for tools and even apps that allow individuals to easily submit SARs.
What appears to be top of mind for many organisations is how they can respond in a timely manner to the requests they are receiving from these newly aware individuals. Here is what you need to know and how Cyren can help.
Understand an individual’s rights
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
Be prepared to respond to individuals exercising their rights
- Find the right data for SARs when you receive them
- Meet shorter response times than ever before (one calendar month)
- Demonstrate compliance with the right to erasure, often referred to as the right to be forgotten
Keep data secure, safe and only for as long as you need it
- Demonstrate privacy by design
- Protect personal information and manage it securely
- Demonstrate appropriate data retention for various data types
- Information that does not need to be accessed regularly, but which still needs to be retained, should be safely archived or taken offline
Don’t get caught out, make sure you know:
- Where locally stored data is in breach of policy (e.g. local .pst files)
- Who the people with access to your current archive are and that they are accessing it in accordance with policy
Cyren helps manage personal information and supports the right to be forgotten
Cyren keeps all email and attachments secure, protecting and controlling access to data. Most importantly, if GDPR requires you to delete personal information you hold on an individual, Cyren will enable you to find and remove all the data from your email and attachments and to have the audited proof that you have met the requirement.
Cyren helps you respond to subject access requests without delay
Under GDPR your business will need to produce information rapidly. Unlike most email archives, Cyren doesn’t use a database to store email, but stores files by date, making searches much quicker as more concise datasets are searched. An intuitive search interface also helps to make full company searches up to 80% quicker.
Cyren helps enable privacy by design – a secure, audited archive
GDPR requires that you demonstrate privacy by design. This is a philosophy that fits perfectly with Cyren. Email data in Cyren’s archive can never be altered, removing any risk of vital information being lost. The unalterable nature of Cyren’s archive also creates evidential quality data, with deletions being audited.
In constructing a business that is fully compliant with GDPR you have to carefully choose the best solutions for your budget. Cyren Email Archiving can help make your business responsive and secure when it comes to email data.
To find out more, register for the live webinar Now is the time to revisit your email archiving needs.